Posted by hyperguard on December 18, 2009
We’re glad to see others are seeing the importance and worth in a distributed Web Application Firewall (dWAF); however, we wouldn’t call Akamai’s recent news the first WAF in the cloud. The technology is a black list filter for requests.
Adrian Lane @ Jeremiah: in reference to Jeremiah’s point on white list vs. black list
…I am making the assumption that Akamai relieves their customers from specific ‘black list’ threats and the burden on web site WAFs, but does not relieve customers of the need to build their own ‘white list’ of policies.
Today’s WAF technology looks very different. Black, white and gray listing is considered a basic functionality. Proactive features like session protection, form field virtualization, learning and assisted security policy refinements are a must. Exchanging information with web application security related products, such as web application security vulnerability scanners or static code analysis tools, are a must-have.
For these reasons, art of defence launched the first fully fledged dWAF for their customers at RSA 2009. More recently, we’ve made this service available to AWS customers or solution providers so they can protect their applications by applying hyperguard SaaS either as software plug-in to an existing web server Amazon Machine Image (AMI), or by using AoD’s custom AMI. The technology behind this is going to be implemented at other various cloud service providers in the near future so they can offer a true dWAF (at least) in their cloud.
Follow the discussion on Twitter @hyperguard.